<?php

// Direct-access guard: stop immediately unless IN_NOVA has already been defined
// (presumably by the application's entry script; confirm where it is set).
if( !defined( 'IN_NOVA' ) ) {
	exit( 'Access Denied!' );
}

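/**
 * Admin controller for uploaded attachments: lists them, shows the batch-delete
 * confirmation and performs the deletion (file on disk, `upload` row, and the
 * `{*id*}` markers stored in `article.attachment`).
 *
 * Every attachment id that reaches SQL is first reduced to a positive integer by
 * clean_ids(); request data is never concatenated into a statement as text.
 *
 * NOTE(review): no anti-CSRF token or privilege check is visible in this file.
 * Confirm that the including admin script enforces both before start() runs.
 */
class Upload {

	/**
	 * Entry point: dispatches on the `p` request value.
	 *
	 * 'batchexe' runs the destructive batch delete; anything else renders the panel.
	 */
	public function start() {
		global $request;

		$action = $request->get( 'p' );

		switch( $action ) {
			case 'batchexe':
				$this->upload_del();
				break;
			default:
				$this->show( $action );
		}
	}

	/**
	 * Reduce request-supplied attachment ids to a de-duplicated list of positive integers.
	 *
	 * @param mixed $raw Values taken from the request; anything that is not an array yields an empty list.
	 * @return array List of int ids that is safe to concatenate into SQL.
	 */
	private function clean_ids( $raw ) {
		$ids = array();
		if( !is_array( $raw ) ) {
			return $ids;
		}
		foreach( $raw as $candidate ) {
			if( !is_scalar( $candidate ) ) {
				continue;
			}
			$candidate = trim( (string) $candidate );
			// Only plain decimal digits are accepted; any other content is dropped, not repaired.
			if( preg_match( '/^[0-9]+\z/', $candidate ) ) {
				$id = (int) $candidate;
				if( $id > 0 ) {
					$ids[$id] = $id;
				}
			}
		}
		return array_values( $ids );
	}

	/**
	 * Execute the confirmed batch delete.
	 *
	 * Reads `Control` and `SQL` through getGP(). `SQL` is the "ul_id=1 OR ul_id=2" string
	 * that file_list() wrote into a hidden form field, so it is client-controlled: it is
	 * parsed back into integer ids here and never used as SQL text.
	 */
	public function upload_del() {
		global $db;
		$control = getGP( 'Control','P' );
		$sql = getGP( 'SQL','P' );
		if( $control == '删除' ) {
			// explode() replaces split(), which was removed in PHP 7.
			$raw_ids = is_string( $sql ) ? explode( ' OR ', str_replace( 'ul_id=','',$sql ) ) : array();
			$id_arr = $this->clean_ids( $raw_ids );
			if( count( $id_arr ) == 0 ) {
				// Nothing valid was submitted: report that instead of claiming success.
				show_admin_message( '您没有选中任何附件', 'admin_upload.php' );
				exit;
			}
			foreach( $id_arr as $id ) {
				// Delete the file from disk
				$file_path = $db->result( 'SELECT ul_filepath FROM `' . DB_PREFIX . 'upload` WHERE ul_id=' . $id );
				// is_file() plus the non-empty check keeps a missing row from resolving to
				// XKLOG_ROOT itself, which passes file_exists() and then fails unlink().
				// NOTE(review): ul_filepath is trusted as stored; if rows can ever contain
				// '..' segments, confirm the resolved path stays under XKLOG_ROOT.
				if( is_string( $file_path ) && $file_path !== '' && is_file( XKLOG_ROOT . $file_path ) ) {
					if( !unlink( XKLOG_ROOT . $file_path ) ) {
						// NOTE(review): whether show_admin_message() escapes its text is not visible here.
						show_admin_message( '未能删除文件：' . $file_path . '，操作被终止','admin_upload.php' );
						exit;
					}
				}
				// Clean up the upload table
				$db->query( 'DELETE FROM `' . DB_PREFIX . 'upload` WHERE ul_id=' . $id );
				// Clean up the article table: strip the {*id*} marker inside the database so
				// stored attachment text is never re-quoted into a statement by PHP.
				// Assumes the backend provides the SQL REPLACE() string function (MySQL does).
				$marker = '{*' . $id . '*}';
				$db->query( 'UPDATE `' . DB_PREFIX . "article` SET attachment=REPLACE(attachment,'" . $marker . "','') WHERE attachment LIKE '%" . $marker . "%'" );
			}
			// Refresh the cache
			cache_count();
			show_admin_message( '批量删除附件成功','admin_upload.php' );
		}
	}

	/**
	 * Render the admin panel frame and the file table inside it.
	 *
	 * @param mixed  $action  'batch' shows the delete confirmation; anything else shows the paged list.
	 * @param string $message Optional notice, emitted as-is: callers must pass trusted markup only.
	 * @param string $type    CSS class for the notice paragraph (escaped before output).
	 */
	private function show( $action, $message = '', $type = '' ) {
		if( $message != '' ) {
			$message = '<p class="' . htmlspecialchars( $type, ENT_QUOTES, 'UTF-8' ) . '">' . $message . '</p>';
		}
		// Same best-effort behaviour as a suppressed header() call, without hiding other errors.
		if( !headers_sent() ) {
			header("content-type: text/html; charset=utf-8");
		}
?>
<div class = "admin_panel">
	<div class = "admin_title">上传管理</div>
	<div class = "admin_content">
	<?php
	echo $message;
	switch( $action ) {
		case 'batch':
			$this->file_list( 'batch' );
			break;
		default:
			$this->file_list();
	}
	?>
	</div>
</div>
<?php
	}

	/**
	 * Output the attachment table.
	 *
	 * In 'list' mode it shows one page of 20 rows with checkboxes and the batch form.
	 * In 'batch' mode it shows only the rows selected in the posted `id_arr` plus a
	 * confirmation form that carries the selection in the hidden `SQL` field.
	 *
	 * @param string $action 'list' (default) or 'batch'.
	 */
	public function file_list( $action = 'list' ) {
		// NOTE(review): the original declared `global $cache` but read $_CACHE, which is not a
		// superglobal and was therefore always undefined in this scope. Assuming the count
		// cache is the global $_CACHE; confirm. A COUNT(*) query is the fallback.
		global $db,$request,$_CACHE;
		// The cast keeps a non-numeric page value out of the arithmetic and the LIMIT clause.
		$current_page = max( 1, (int) $request->page );
		$max_per_page = 20;
		$sql = '';
		$control = '';
		$file_num = 0;
		if( $action == 'batch' ) {
			$id_arr = $this->clean_ids( getGP( 'id_arr','P','array' ) );
			$control = getGP( 'Control','P' );
			if( count( $id_arr ) == 0 ) {
				obclean();
				show_admin_message( '您没有选中任何附件', 'admin_upload.php' );
				exit;
			}
			// Integer ids only, in the "ul_id=1 OR ul_id=2" format that upload_del() parses.
			$sql = 'ul_id=' . implode( ' OR ul_id=', $id_arr );
			$file_array = $db->fetch_all( "SELECT ul_id,ul_filepath,ul_filesize,ul_time,ul_downloads FROM `" . DB_PREFIX . "upload` WHERE ( $sql )" );
		}else{
			$offset = ($current_page - 1) * $max_per_page;
			if( is_array( $_CACHE ) && isset( $_CACHE['count'][0]['file_num'] ) ) {
				$file_num = (int) $_CACHE['count'][0]['file_num'];
			}else{
				$file_num = (int) $db->result( 'SELECT COUNT(*) FROM `' . DB_PREFIX . 'upload`' );
			}
			$file_array = $db->fetch_all( "SELECT ul_id,ul_filepath,ul_filesize,ul_time,ul_downloads FROM `" . DB_PREFIX . "upload` LIMIT $offset, $max_per_page" );
		}
?>
<?php if( $action == 'list' ) { ?><form name="smslist" action="admin_upload.php?action=Batch" method="post"><?php } ?>
	<div style="padding:5px;margin:2px;">      
		<table <?php if( $action == 'list' ) { ?>class="pickme"<?php } ?> style="table-layout: fixed;word-wrap: break-word;" width="100%" border="0" cellpadding="0" cellspacing="1" bgcolor="#bbbbbb">
			<thead>
				<tr align="center" height="22" bgcolor="#ffffff">
					<td width="3%"><?php if( $action == 'list' ) { ?><input type="checkbox" name="allbox" onclick="CheckAll();"><input type="checkbox" id="ckbox" style="display:none;" disabled><?php } ?></td>
					<td width="4%">序号</td>
					<td width="4%">编号</td>
					<td width="37%">文件</td>
					<td width="13%">大小</td>
					<td width="18%">时间</td>
					<td width="8%">下载</td>
					<td width="13%">管理操作</td>
				</tr>
			</thead>
			<tbody>
				<?php
				$i = 1;
				foreach( $file_array as $value ) {
					// Database values are cast or HTML-escaped before being written into the page.
					$row_id = (int) $value['ul_id'];
					$row_path = htmlspecialchars( $value['ul_filepath'], ENT_QUOTES, 'UTF-8' );
					$row_href = htmlspecialchars( APP_PATH . $value['ul_filepath'], ENT_QUOTES, 'UTF-8' );
					$row_size = (float) $value['ul_filesize'];
				?>
				<tr align="center" height="20" bgcolor="#ffffff">
					<td ><?php if( $action == 'list' ) { ?><input type="checkbox" id="ckbox" name="id_arr[]" value="<?php echo $row_id ?>" /><?php } ?></td>
					<td><?php echo ( $current_page - 1 ) * $max_per_page + $i ?></td>
					<td><?php echo $row_id ?></td>
					<td><a href="<?php echo $row_href ?>" target="_blank"><?php echo $row_path ?></a></td>
					<td>
						<?php
						// Human-readable size: bytes, then KB, then MB, rounded to two decimals.
						if( $row_size < 1024 ){
							echo $row_size . 'B';
						}elseif( $row_size < 1024*1024 ) {
							echo round( $row_size/1024, 2 ) . 'KB';
						}else{
							echo round( $row_size/(1024*1024), 2 ) . 'MB';
						}
						?>
					</td>
					<td><?php echo date( 'Y-m-d', (int) $value['ul_time'] ) ?></td>
					<td><?php echo (int) $value['ul_downloads'] ?></td>
					<td></td>
				</tr>
				<?php
					$i ++;
				}
				?>
			</tbody>
		</table>
	</div>
<?php if( $action == 'list' ) { ?>
	<?php echo Admin::get_navigator( $file_num, $max_per_page, $current_page, 'upload', 'list' ); ?>
	<div align="center">批量管理选项: <input type="radio" name="Control" value="删除" checked="checked"/>删除 <input type="submit" name="functionmit" class="main_button" value="执行操作" /></div>
<?php }else{ ?>
	<div style="padding:5px;margin:2px;">
	<form name="smslist" action="admin_upload.php?action=BatchExe" method="post">
		<input type="hidden" name="SQL" value="<?php echo htmlspecialchars( $sql, ENT_QUOTES, 'UTF-8' ) ?>"/>
	<?php
		if( $control == '删除' ) {
	?>
		<input type="hidden" name="Control" value="删除"/>
		<b>彻底删除后将不可恢复！确认要删除吗？</b><br />
		<input type="submit" name="submit" class="main_button" value="确认删除" />
	<?php
		}
	?>
	</form>
	</div>
<?php } ?>
<?php if( $action == 'list' ) { ?></form><?php } ?>
<div class="main_button"></div>
<?php
	}
}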
?>
